Cyber Crime Targets Airline Miles and Hotel Points During Busy Holidays

Airline Miles and Hotel Points: A Growing Target for Cybercrime

As we approach the busy holiday travel season, many travelers are unaware of the security risks regarding their airline and hotel loyalty accounts. A joint study by NordVPN, a cybersecurity provider based in Amsterdam, and Saily, a global eSIM service, highlights the alarming trend of cybercriminals buying and selling these valuable accounts on the dark web.

The Value of Loyalty Programs

Loyalty programs offered by airlines and hotels often provide consumers with perks that are not only desirable but also convertible into cash. With the ability to reserve flights or exchange points for gift cards, these loyalty accounts become highly attractive targets for cybercriminals. In fact, the study found that compromised accounts can be sold for as little as 115 yen (approximately $0.75) on the dark web.

Analysis Findings

The analysis focused on five years of data, revealing that over 54% of discussions regarding cyber activities related to airline loyalty programs targeted eight major airline companies. The investigation, conducted with AI-assisted filtering technology using NordStellar's 'Dark Web Search' tool, examined a variety of posts about airline and hotel points on the dark web. In total, 1,045 posts related to airline cybercrime were identified, showcasing a concerning concentration on specific companies where security breaches were common.

As a consequence of these breaches, travelers are at risk of losing miles or points without their knowledge, making preventive measures essential during this holiday period. To help mitigate these risks, NordVPN also outlined precautionary measures for consumers.

Types of Account Compromise

The investigation into how these accounts are compromised identified several common methods:

- Phishing Scams: Cybercriminals disguise themselves as airline representatives to obtain login details through fake emails or websites.
- Data Breaches: Hackers infiltrate airline systems and leak customer databases, exposing sensitive information.
- Credential Stuffing: Attackers exploit previous data breaches by targeting users who reuse passwords across multiple accounts.

Compromised accounts can lead to fraudulent bookings, upgrades, and access to various rewards, creating substantial financial risks and inconveniences for legitimate users, who may not realize their accounts have been misused until weeks later.

Hotel Data on the Dark Web

In addition to airline accounts, the study found that customer data related to hotels was also being bought and sold on the dark web. Using the keyword ‘hotel’, the analysis turned up 551 relevant posts, including mentions of major hotel chains like Hilton and Marriott, indicating a significant presence of high-end brands in these illicit discussions. In particular, Hilton accounts were referenced in about 34% of the hotel-related posts.

Data traded in these forums can include a variety of sensitive information, such as names, emails, stay histories, and even passport numbers. In some cases, entire databases were listed for as much as $3,000 (around 470,000 yen), raising concerns about secondary risks related to identity theft and fraud.

Preventative Measures Recommended by NordVPN

Marius Briedis, the Chief Technology Officer of NordVPN, recommends travelers adopt the following strategies to secure their accounts during this critical season:
1. Avoid Password Reuse: Implement strong, unique passwords for each account and enable multi-factor authentication (MFA) to minimize unauthorized access risks.
2. Regularly Check Account Activity: Monitor login histories and usage records for any suspicious activities, changing passwords immediately if any anomalies are detected.
3. Be Diligent Before and After Trips: Increased travel often involves accessing accounts from unfamiliar networks, heightening security risks. Establish a routine of checking account status pre- and post-travel, and set up alerts for unusual point usage.
4. Use VPN on Public Wi-Fi: Avoid using untrusted networks without a Virtual Private Network (VPN) to encrypt your communications and protect data from interception.
5. Utilize Travel eSIMs: Reducing dependence on unstable public networks by leveraging a secure eSIM can better protect mobile communication.

Conclusion

The increase in travel-related cybersecurity threats, particularly concerning the selling of loyalty program accounts on the dark web, demands heightened awareness among consumers. As demand for travel surges, it is crucial for users to strengthen their account security to protect against this growing cyber menace.

NordVPN remains dedicated to enhancing online privacy and security for travelers worldwide, ensuring that personal information remains protected in an increasingly dangerous digital landscape.